Abstract
Traditional cybersecurity architectures incorporate security mechanisms that provide services such as confidentiality, authenticity, integrity, access control, and non-repudiation. These mechanisms are used extensively to prevent computer and network intrusions and attacks. For instance, access control services prevent unauthorized access to cyber resources such as computers, networks, and data. However, the modern Internet security landscape is characterized by attacks that are voluminous, constantly evolving, extremely fast, persistent, and highly sophisticated Schnackenberg et al. (2000), Anuar et al. (2010). These characteristics impose significant challenges on preventive security services. Consequently, methodologies that enable autonomic detection and response to cyberattacks should be employed synergistically with prevention techniques in order to achieve effective defense-in-depth strategies and robust cybersecurity systems. This is especially true for the critical systems belonging to Industry 4.0 systems. In this chapter, we describe how we have integrated cyberattack detection and response mechanisms into our Software-Defined Cloud Manufacturing architecture. The cyberattack detection algorithm described in this chapter is based on ensemble intelligence with neural networks whose outputs are fed into a neuro-evolved neural network oracle. The oracle produces an optimized classification output that is used to provide feedback to active attack response mechanisms within our software-defined cloud manufacturing system. The underlying goal of this chapter is to show how computational intelligence approaches can be used to defend critical Industry 4.0 systems as well as other Internet-driven systems.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Anderson J (1980) Computer security threat monitoring and surveillance
Anuar NB, Papadaki M, Furnell S, Clarke N (2010) An investigation and survey of response options for intrusion response systems (IRSs). In: Information security for south africa (ISSA)
Athanasiades N, Abler R, Levine J, Owen H, Riley G (2003) Intrusion detection testing and benchmarking methodologies. In: Proceedings of the first IEEE international workshop on information assurance (IWIA’03)
Axelsson S (2000) Intrusion detection systems: a survey and taxonomy. Technical Report, Department of Computer Engineering, Chalmers University of Technology
Axelsson S (2000) The base-rate fallacy and the difficulty of intrusion detection. ACM Trans Inf Syst Secur 3(3):186–205
Engen V (2010) Machine learning for network based intrusion detection. PhD Thesis, Bournemouth University
Ghorbani AA, Lu W, Tavallaee M (2010) Detection approaches. Springer, J Network Intrusion Detection and Prevention
Hatch M (2014) The maker movement manifesto, McGraw-Hill Education. ISBN 10:0071821120
Iheagwara C, Awan F, Acar Y, Miller C (2006) Maximizing the benefits of intrusion prevention systems: effective deployment strategies. In: Proceedings of the 18th annual forum of incident response and security teams (FIRST) conference
Kabiri P, Ghorbani A (2005) Research on intrusion detection and response: a survey. Int J Netw Secur 1(2):84–102
Khor KC, Ting CY, Amnuaisuk SP (2009) From feature selection to building of bayesian classifiers: a network intrusion detection perspective. Am J Appl Sci 6(11):1949–1960
Knapp E, Langill J (2015) Industrial network security: securing critical infrastructure networks for smart grid, SCADA, and other industriaal control systems, 2nd edn. ISBN 978-0-12-420114-9
Li BH, Zhang L, Wang SL, Tao F, Cao JW, Jiang XD et al. (2010) Cloud manufacturing: a new service-oriented networked manufacturing model. Comput Integr Manuf Syst 16(1):1–7
Lippmann R, Haines J, Fried D, Korba J, Das K (2000) The 1999 DARPA off-line intrusion detection evaluation. Comput Netw 34(4):579–595
McHugh J (2000) Testing intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln laboratory. ACM Trans Inf Syst Secur 3(4):262–294
NIST Special Publication 800-82 (2011) Guide to industrial control systems (ICS) security. http://csrc.nist.gov/publications/nistpubs/800-82/SP800-82-final.pdf
Open Networking Foundation (ONF) (2012) Software-defined networking: the new form for networks
Paul Brody (2013) Get ready for software-defined supply chain. Web: http://www.supplychainquarterly.com/topics/Manufacturing/20140110-get-ready-for-the-software-defined-supply-chain/
Perdisci R, Ariu D, Fogla P, Giacinto G, Lee W (2009) McPAD: A multiple classifier system for accurate payload-based anomaly detection. Int J Comput Telecommun Netw 53(6):864–881
Peterson A, Schaefer D (2016) Social product development: introduction, overview, and current status, In: Schaefer D (ed) Product development in the socio-sphere: game changing paradigms for 21st century breakthrough product development and innovation. Springer pp 63–98. ISBN 978-3-319-07403-0
Ruighaver A (2008) Organisational security requirements: an agile approach to ubiquitous information security. In: Proceedings of the sixth australian information security management conference
Schaefer D, Thames JL, Wellman R, Wu D, Yim S, Rosen D (2012) Distributed collaborative design and manufacture in the cloud motivation, infrastructure, and education. ASEE 2012 annual conference and exposition, San Antonio, Texas, June pp 10–13
Schnackenberg D, Djahandari K, Sterne D (2000) Infrastructure for intrusion detection and response. In: Proceedings of the 2000 DARPA information survivability conference and exposition
Tavallaee M, Stakhanova N, Ghorbani A (2010) Toward credible evaluation of anomaly-based intrusion-detection methods. IEEE Trans Syst Man Cybern Part C: Appl 40(5):516–524
Tavallaee M, Bagheri E, Lu W, Ghorbani A (2009) A detailed analysis of the KDD CUP 99 data set. In: Proceedings of the second IEEE international conference on Computational intelligence for security and defense applications, IEEE Press
Thames JL, Abler R, Hyder A, Wellman R, Schaefer D (2011) Architectures and design methodologies for scalable and sustainable remote laboratory infrastructures. In: Azad A, Judson (ed) Internet accessible remote laboratories: scalable e-learning tools for engineering and science disciplines. IGI Global Publishing, ISBN 978-1-61350-186-3, Chapter 13, pp 254–275
Thames JL (2014) Distributed, collaborative, and automated cyber security infrastructures for cloud-based design and manufacturing systems. In: Schaefer D (ed) Cloud-based design and manufacturing (CBDM): a service-oriented product development paradigm for the 21st century. Springer, pp 207–229. ISBN 978-3-319-07398-9. doi:10.1007/978-3-319-07398-9_8
Venayagamoorthy G (2011) Dynamic, stochastic, computational, and scalable technologies for smart grids. IEEE Comput Intell Mag 6(3):22–35
Wu D, Greer MJ, Rosen DW, Schaefer D (2013) Cloud manufacturing: strategic vision and state-of-the-art. J Manuf Syst
Wu D, Thames JL, Rosen D, Schaefer D (2012) Towards a cloud-based design and manufacturing paradigm: looking backward, looking forward. ASME 2012 international design engineering technical conference and computers and information in engineering conference (IDETC/CIE), Chicago, Illinois, August pp 12–15
Wu D, Thames JL, Rosen D, Schaefer D (2013) Enhancing the product realization process with cloud-based design and manufacturing systems. ASME J Comput Inf Sci Eng (JCISE) 13(4)
Xu X (2012) From cloud computing to cloud manufacturing. Rob Comput Integr Manuf 28(1):75–86
Zhang J, Porras P, Ullrich J (2008) Gaussian process learning for cyber-attack early warning. In: Proceedings of the SIAM international conference on data mining
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this chapter
Cite this chapter
Thames, L., Schaefer, D. (2017). Cybersecurity for Industry 4.0 and Advanced Manufacturing Environments with Ensemble Intelligence. In: Thames, L., Schaefer, D. (eds) Cybersecurity for Industry 4.0. Springer Series in Advanced Manufacturing. Springer, Cham. https://doi.org/10.1007/978-3-319-50660-9_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-50660-9_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-50659-3
Online ISBN: 978-3-319-50660-9
eBook Packages: EngineeringEngineering (R0)